IT/Software career thread: Invert binary trees for dollars.

  • Guest, it's time once again for the massively important and exciting FoH Asshat Tournament!



    Go here and give us your nominations!
    Who's been the biggest Asshat in the last year? Give us your worst ones!

The_Black_Log Foler

PalsCo CEO - Stock Pals | Pantheon Pals
<Gold Donor>
47,838
43,038
I absolutely love working for a smaller company. I went from the biggest of big corporate at General Motors to a company of <300 people. I was employee 231 when I was hired. Now we're nearly at 600 and this is in barely a year.

I will focus solely on sub 500 employee companies from now on when I eventually get a new job. It's just way too awesome to actually have a direct impact on the entire organization and see your ideas come to fruition and be used by the entire company. Can't beat it. I got a raise and a promotion in just over a year solely because I could directly tell leadership my value and prove it.

No fighting for access, no hunting for people, just given problems to solve and solving them. My one gripe is the other side of this coin. When problems come up across the organization people brainstorm to find solutions and often just take the very first one that sounds remotely plausible. Leading to huge issues that I end up solving because of their complete lack of scalability. I've been trying to teach everyone to assume that your first idea is stupid and inefficient because it probably is. Especially mine!
Man, hope my next company is sub 500. Sounds awesome!
 
  • 1Like
Reactions: 1 user

ShakyJake

<Donor>
7,918
19,985
Also, what frameworks would you recommend for HTML/CSS? I mean, as I've said before, I kind'a know it... Kind'a don't. Just wanna get a page up (besides a WordPress page) to be able show that yes, I'm able to do this shit.
If you want a job in the industry I'd go in this order: React > Angular > Vue.

If you want ease of learning then go Vue.

There are many other frameworks/libraries out there, of course. Probably the only other one I'd recommend would be maybe Svelte.js. That one is very similar (in structure) to Vue but compiles into Javascript and doesn't need a framework to execute it afterwards. It is very fast and small.
 
  • 1Like
Reactions: 1 user

goishen

Macho Ma'am
3,627
14,740
What I'd like to do is get a programming job, not a web job. But, if that's the only option, I'd like a backend web development job using primarily Python. Front end shit is just too much of, "Put this here... Make it look beautiful."

Of course, I'm not really sure that's possible in my area, seeing as they're all asking for senior Python developers. Tons of front end jobs. Meh. Guess I'm fucked by where I live.
 

ShakyJake

<Donor>
7,918
19,985
What I'd like to do is get a programming job, not a web job. But, if that's the only option, I'd like a backend web development job using primarily Python. Front end shit is just too much of, "Put this here... Make it look beautiful."
My current job we work with Angular and it's not my responsibility to "make it look beautiful". The building blocks were already created by the architects so we just put them on a page and wire up the services to the backend. It's not horribly complicated but it is, in my opinion, more interesting and fun than pure back-end work. I'm full-stack so I do it all. Back-end is just serving up data for the front-end. Zzzzz.

Python? Ugh.
 

goishen

Macho Ma'am
3,627
14,740
Hmmm. I'm looking at the job requirements in my area right now, and I am seeing that not all Python developer jobs require senior level shit. And yah, I know that Python gets a lotta shit. But, I'm having fun.
 

The_Black_Log Foler

PalsCo CEO - Stock Pals | Pantheon Pals
<Gold Donor>
47,838
43,038
If you want a job in the industry I'd go in this order: React > Angular > Vue.

If you want ease of learning then go Vue.

There are many other frameworks/libraries out there, of course. Probably the only other one I'd recommend would be maybe Svelte.js. That one is very similar (in structure) to Vue but compiles into Javascript and doesn't need a framework to execute it afterwards. It is very fast and small.
Ya I see job reqs for angular a lot. Imagine since it's been around a while. Legacy software ftw
 

The_Black_Log Foler

PalsCo CEO - Stock Pals | Pantheon Pals
<Gold Donor>
47,838
43,038
Hmmm. I'm looking at the job requirements in my area right now, and I am seeing that not all Python developer jobs require senior level shit. And yah, I know that Python gets a lotta shit. But, I'm having fun.
Tons of reqs for senior positions and less for entry these days it seems.
 

Phazael

Confirmed Beta Shitlord, Fat Bastard
<Aristocrat╭ರ_•́>
14,696
31,621
Any other sysadmins or IT managers also seeing a huge uptick in hacking attempts over the last few months? I’m not talking rando script kiddy shit or port scanners, but actual targeted efforts. Just in the last month we’ve had two targeted phishing attacks, one that was blocked by our web filter, but would take you to a phony OWA sign in page that copied our branding, the 2nd being similar however it was hosted on a specific url of a compromised personal training website. Then someone literally tried about 500 logins to our Remote Desktop gateway using a list of employee usernames going back over a decade— most not even employed anymore. Constant attack attempts at our various Wordpress hosted websites too looking for vulnerable or out of date plug-ins.
Shit is keeping me up late at night— these latest ransomware attacks look fucking deadly.

Been seeing an uptick of this where I am at. All appear to be from the rang rangs. Not to inject politics into this thread, but they have been doing this shit for a while but are probably pulling out all the stops in an effort to crash out economy before theirs bites it. Makes sense they would be pulling this sort of shit, since its low effort and nets you a lot of gain for the effort.
 

Frenzied Wombat

Potato del Grande
14,730
31,803
Been seeing an uptick of this where I am at. All appear to be from the rang rangs. Not to inject politics into this thread, but they have been doing this shit for a while but are probably pulling out all the stops in an effort to crash out economy before theirs bites it. Makes sense they would be pulling this sort of shit, since its low effort and nets you a lot of gain for the effort.

Check out some of the hacking platforms out there now, shit has gone SaaS practically. It's like fucking Azure marketplace but for hackers. The skillset threshold necessary for hacking is being driven lower and lower. Now any fucktard that knows what a command prompt is, has a Tor browser, and some bitcoin can rent-a-fuck a network, and not just the mom and pop retard network that has 3389 forwarded.
 
  • 1Like
  • 1WTF
Reactions: 1 users

agripa

Molten Core Raider
599
539
Check out some of the hacking platforms out there now, shit has gone SaaS practically. It's like fucking Azure marketplace but for hackers. The skillset threshold necessary for hacking is being driven lower and lower. Now any fucktard that knows what a command prompt is, has a Tor browser, and some bitcoin can rent-a-fuck a network, and not just the mom and pop retard network that has 3389 forwarded.

Lots of ransomware groups sell their stuff as a service now. Attacks are getting more sophisticated depending on the group attacking you. Peeps that use netwalker ransomware for instance will usually be in your environment for a few months before they launch their attack. Maze is another group that comes to mind they will threaten to release your data in the wild if you don't pay the ransom. A large amount of companies will pay the fee. Garmin for instance paid 10 million bucks supposedly for their decryption key. Blackbaud paid to not have their data dumped same with UCSF.
 
  • 1WTF
Reactions: 1 user

TJT

Mr. Poopybutthole
<Gold Donor>
42,800
109,261
Not totally the same but we are in a similar legal battle with one of the other companies in our equity partner's portfolio. We have had a Venture Capital equity company for the past 2 years. They will likely exit within another year. However, one of the other companies they are involved with is some kind of data analytics company. They bitched and moaned to the capital company for access to our product usage data (we sell a SAAS product that mostly only applies to companies with a lot of technical infrastructures).

Our legal/CEO stalled on it because they didn't want to give it to the data company for whatever reason. Somehow, someway though the data company was able to get a cloned copy of our product data going back at least a year. To the point that they were confident enough that they could sell datasets based around our aspect of the tech industry.

Queue leadership losing their shit about this. They hired some Cyber Security auditors to dig around and find out how this happened. I personally designed our data warehouse and know for a fact it didn't come from there and was able to prove that. Which only leaves that they got it from our product itself somehow. Haven't heard back from it but I've been impressed with the skill of these auditors so far. They do really know their shit and are not retards like the security guys I worked with at GM.
 

TJT

Mr. Poopybutthole
<Gold Donor>
42,800
109,261
Lots of ransomware groups sell their stuff as a service now. Attacks are getting more sophisticated depending on the group attacking you. Peeps that use netwalker ransomware for instance will usually be in your environment for a few months before they launch their attack. Maze is another group that comes to mind they will threaten to release your data in the wild if you don't pay the ransom. A large amount of companies will pay the fee. Garmin for instance paid 10 million bucks supposedly for their decryption key. Blackbaud paid to not have their data dumped same with UCSF.

SaaS hacking lol. 21st Century!
 

goishen

Macho Ma'am
3,627
14,740
If you can hack websites, u r a h4(|<3r. Similarly, if you're stupid enough to hide behind a password like password as root, you deserve to get hacked.
 
  • 1Like
Reactions: 1 user

Deebo

Molten Core Raider
84
48
I have a question (maybe a dumb one, im not a sysadmin) that someone here might have a good solution to. What would be the easiest way to change the administrator password across all devices on our network, and to take it a step further theres at least one other admin account that was created (ITAdmin). There were some prior employees that had created other admin accounts as well. I have seen some stuff about PDQ?
 

a_skeleton_06

<Banned>
1,923
2,411
Sounds like you should audit your user accounts and use something like AD Laps / Recast to manage your local admin stuff.
 
  • 1Like
Reactions: 1 user

Neranja

<Bronze Donator>
2,633
4,212
I was looking into Laps. We should be getting this soon as well Access Rights Manager (ARM) | SolarWinds , it looks like it will handle the auditing.
LAPS is the cheapest, because you can download it from Microsoft. Works like this: Every Computer Object in your AD gets two additional attributes, one for the admin password (ms-Mcs-AdmPwd, cleartext), and one timestamp when the next password change is due (ms-Mcs-AdmPwdExpirationTime).
Problems:
  • You need a schema extension for your AD.
  • Security depends totally on AD ACL permissions and AD server security.
  • You can only store one password per machine account.
  • Doesn't care about other privileged accounts.
If some other admins created different privileged accounts you need an audit, either manually or automated. SolarWinds ARM should be able to do this, anther software is CyberArk Endpoint Privilege Manager.
 
  • 2Like
Reactions: 1 users

Phazael

Confirmed Beta Shitlord, Fat Bastard
<Aristocrat╭ರ_•́>
14,696
31,621
If you need to change local machine admin accounts, ARM is the best option. This is especially true if a ton of assholes made their own local accounts on their boxes to circumvent your site security policies either by arm twisting their IT derps or putting them in place before you implemented any infosec policies in your work place.. I say this as someone who used to do this to get around such restrictions. It also serves a lot of other functions that will help you in the long haul, so its money well spent.
 
  • 1Like
Reactions: 1 user

Voyce

Shit Lord Supreme
<Donor>
8,259
29,345
Fucking COMP-3 Defined fields, really, is space still that much of an issue, for one tiny fee program? This isn't even legacy code.

I'd post this in the Rustle thread, but....


What a pain in the ass.